Can I NAT prior to VPN Tunnel?

Answered Question
Jun 30th, 2008
User Badges:


I would like to add servers to a site to site ipsec tunnel configuration for transport.

However, I will need to NAT those machines for presentation at the other side.

For a Cisco 1760 (vpn endpoint) running on 12.3 code, is this possible?

If it is possible, could I get a link to a config? Or perhaps a snippet here?

We are using two ethernet interfaces for this:

ethernet1/0 is the inside

ethernet0/0 is the outside

Can't seem to find any documentation for it.



Correct Answer by Farrukh Haroon about 9 years 3 weeks ago

This is the 'NAT Order of Operation' employed by Cisco devices, It seems NAT is before the crypto check anyway



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)


This Discussion